web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Field Security Profile...
Microsoft Dynamics CRM (Archived)

Field Security Profile Issue

(1) ShareShare
ReportReport
Posted on by Community Member

Good morning everyone,
I'm trying to modify the security properties of a personalized field, inserted in the company account form.
I divided the permission into "system admin" and "non-admin".
For "non-admin" users that filed cannot be modified, so I set these values: Read-> Yes, Update->No, Create->No.

CompanyAcc2.PNG

But in this way, when a "non-admin" user creates a company account, has this error (error code: 2147158777)

How can I restrict permissions to that field for a Group of users without this error?

 

Thanks,

L

*This post is locked for comments

I have the same question (0)
  • ScottDurow Profile Picture
    ScottDurow 21 on at

    Could you download the log file and post the contents. It is like that there is a plugin that is trying to update the secured field under the current user's identity.

  • Community Member Profile Picture
    Community Member on at

    First of all, thanks for your response.

    The log file is the following

    Unhandled Exception: System.ServiceModel.FaultException`1[[Microsoft.Xrm.Sdk.OrganizationServiceFault, Microsoft.Xrm.Sdk, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]: User with ID 009a2ca6-a709-e311-bda9-005056b832ff does not have Update permissions for the new_invoiceandpod attribute in the new_companyaccount entity. The new_companyaccountid of the record is 5a162ce4-dcce-e411-b9bf-005056b832ffDetail:

    <OrganizationServiceFault xmlns:i="www.w3.org/.../XMLSchema-instance&quot; xmlns="schemas.microsoft.com/.../Contracts&quot;>

     <ErrorCode>-2147158777</ErrorCode>

     <ErrorDetails xmlns:d2p1="schemas.datacontract.org/.../System.Collections.Generic&quot; />

     <Message>User with ID 009a2ca6-a709-e311-bda9-005056b832ff does not have Update permissions for the new_invoiceandpod attribute in the new_companyaccount entity. The new_companyaccountid of the record is 5a162ce4-dcce-e411-b9bf-005056b832ff</Message>

     <Timestamp>2015-03-20T08:41:25.6207047Z</Timestamp>

     <InnerFault i:nil="true" />

     <TraceText>

    [Reply.Arcese.Plugin: Reply.Arcese.Plugin.Plugins.CompanyAccountUpdateContact]

    [51b6119c-4000-e311-8728-005056b81f64: Reply.Arcese.Plugin.Plugins.CompanyAccountUpdateContact: Create of new_companyaccount]

    </TraceText>

    </OrganizationServiceFault>

    Thanks!

    Luca

  • Suggested answer
    ScottDurow Profile Picture
    ScottDurow 21 on at

    Hi,

    My theory was right - it is the plugin Reply.Arcese.Plugin.Plugins.CompanyAccountUpdateContact that is attempting to update the field that is secured. You will need to amend this plugin so that it does not try and update the field or ensure it uses elevated privileges.

    See msdn.microsoft.com/.../gg309416.aspx

    Hope this helps,

    Scott

  • Community Member Profile Picture
    Community Member on at

    I appreciate your answer.

    I will focus on it and try to resolve.

    Thanks,

    L

  • Community Member Profile Picture
    Community Member on at

    I'm so sorry because I'm quite bothering you but, where is the plugin located? ON our servers? Am I able to manage the actions that the plugin does?

    I'm not a real "techinician", so I have some problems in understanding everything in the link above..

    Thanks,

    L

  • Suggested answer
    ScottDurow Profile Picture
    ScottDurow 21 on at

    The plugin will be written in code using Visual Studio and then deployed to the server. You will need to contact the developer of the plugin I would expect.

    Hope this helps,

    Scott

  • Community Member Profile Picture
    Community Member on at

    Yes, really helpful. I contacted the system admin and I'm waiting for a responde.

    in the meantime, I have another doubt on the issue (forgive me again if I'm still bothering), but, could it be also a problem regard the settings of the custom fields created (as new_companyaccount mentioned in the log file)? I mean, maybe there is a setting that allows me to let the systems be less "strict" regard user s security profiles..

    Thanks again for your patience.

    Have a nice day,

    L

  • Suggested answer
    ScottDurow Profile Picture
    ScottDurow 21 on at

    The only option have is to add update permissions to the field level security profile that the user is in.

  • mscrmba Profile Picture
    mscrmba on at

    Would adding the permission 'Act on behalf of another user' to the user's security role do anything? (Business Management, miscellaneous privileges)

  • ScottDurow Profile Picture
    ScottDurow 21 on at

    This privilege is for when you perform impersonation by setting the UserId on webservice calls.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
SA-08121319-0 Profile Picture

SA-08121319-0 4

#1
Calum MacFarlane Profile Picture

Calum MacFarlane 4

#3
Alex Fun Wei Jie Profile Picture

Alex Fun Wei Jie 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans